Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > NZ Computing > Xtra Broadband usage skyrocketed

Reply
Thread Tools

Xtra Broadband usage skyrocketed

 
 
Boppy
Guest
Posts: n/a
 
      07-25-2009
Hi guys, I recently realised my wireless modem was not secured when it
was first installed and last week recified this by passwording access.
Since then my upload traffic has gone nuts. In the first two days of
this month's billing cycle I've exceeded the 10g limit and had to
upgrade to a 20 gig plan yesterday.

Yesterday one computer was switched off and my laptop was only been
connected to the network for 4 hours. Downloads have been 28.16 mb and
uploads have been 920.38. Looking back last week the major traffic was
uploading.

I don't have uTorrent or Limewire or any other ptp software running. I
do have Dropbox running but haven't needed to synchronise any
especially large files so I don't think that could be the problem.
Also I haven't sent any really large emails.

This is a screenshot of my services running: http://bayimg.com/GaCJhAAcn

Any suggestions of what might be causing so much upstream traffic?

Jo

 
Reply With Quote
 
 
 
 
PeeCee
Guest
Posts: n/a
 
      07-26-2009
"Boppy" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Hi guys, I recently realised my wireless modem was not secured when it
> was first installed and last week recified this by passwording access.
> Since then my upload traffic has gone nuts. In the first two days of
> this month's billing cycle I've exceeded the 10g limit and had to
> upgrade to a 20 gig plan yesterday.
>
> Yesterday one computer was switched off and my laptop was only been
> connected to the network for 4 hours. Downloads have been 28.16 mb and
> uploads have been 920.38. Looking back last week the major traffic was
> uploading.
>
> I don't have uTorrent or Limewire or any other ptp software running. I
> do have Dropbox running but haven't needed to synchronise any
> especially large files so I don't think that could be the problem.
> Also I haven't sent any really large emails.
>
> This is a screenshot of my services running: http://bayimg.com/GaCJhAAcn
>
> Any suggestions of what might be causing so much upstream traffic?
>
> Jo
>




Boppy

Your Wireless modem/router has been hacked while it was not passworded.

Either:
Someone will have been using it to seed Peer to Peer video, music or warez
torrents.
Or
The P2P server running on your PC
(see p2pimsvc and p2psvc in your list of running services)
Is allowing someone to suck something from your system that they want via
your hacked WiFi LAN.

To fix, reset the Wireless modem router to factory defaults by pressing the
reset button.
(instructions should be in the manual)
Then:
1 Change the admin user name and password before you do 'anything' else
2 Change any other access usernames and passwords.
3 Change the SSID to something that doesn't identify the brand of modem or
you (eg not Dlink, Belkin or your surname etc)
If can turn the SSID broadcast off once you have set it up, your wireless
devices will still work.
Note use proper passwords with alpha and numeric characters in them.
4 Change your Wireless to WPA or WPA2 and put in a similalry strong
passphrase.
5 Now enter your username and password to reestablish connection to
broadband from your ISP.

Finish off by removing any P2P programs from your PC and doing a full Virus
and Spyware scan.
Recommended apps for this include
Your favourite Anti Virus programs, or AVG, Avast if you don't have one.
(don't see any that I recognise in that list)
Ad Aware, Spybot Search & Destroy, Malware Bytes, Super Anti Spyware etc.


Best
Paul.

 
Reply With Quote
 
 
 
 
Gordon
Guest
Posts: n/a
 
      07-26-2009
On 2009-07-26, PeeCee <(E-Mail Removed)> wrote:
> "Boppy" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
>> Hi guys, I recently realised my wireless modem was not secured when it
>> was first installed and last week recified this by passwording access.
>> Since then my upload traffic has gone nuts. In the first two days of
>> this month's billing cycle I've exceeded the 10g limit and had to
>> upgrade to a 20 gig plan yesterday.
>>
>> Yesterday one computer was switched off and my laptop was only been
>> connected to the network for 4 hours. Downloads have been 28.16 mb and
>> uploads have been 920.38. Looking back last week the major traffic was
>> uploading.
>>
>> I don't have uTorrent or Limewire or any other ptp software running. I
>> do have Dropbox running but haven't needed to synchronise any
>> especially large files so I don't think that could be the problem.
>> Also I haven't sent any really large emails.
>>
>> This is a screenshot of my services running: http://bayimg.com/GaCJhAAcn
>>
>> Any suggestions of what might be causing so much upstream traffic?
>>
>> Jo
>>

>
>
>
> Boppy
>
> Your Wireless modem/router has been hacked while it was not passworded.
>

While this is on the horizon. Turning the modem off kills the threat, the
real question is what OS are you on. Ms Windows? If so she is not as she was
before the wireless installation. She is now part of the Borg empire.

Back up all data, format the HD, re-install Ms Windows and reflect upon the
experience.

No use in bolting the door after the horse has bolted, to quote the saying.

PS encryption goes hand in hand with passwording on a wireless network.



> Either:
> Someone will have been using it to seed Peer to Peer video, music or warez
> torrents.
> Or
> The P2P server running on your PC
> (see p2pimsvc and p2psvc in your list of running services)
> Is allowing someone to suck something from your system that they want via
> your hacked WiFi LAN.
>
> To fix, reset the Wireless modem router to factory defaults by pressing the
> reset button.
> (instructions should be in the manual)
> Then:
> 1 Change the admin user name and password before you do 'anything' else
> 2 Change any other access usernames and passwords.
> 3 Change the SSID to something that doesn't identify the brand of modem or
> you (eg not Dlink, Belkin or your surname etc)
> If can turn the SSID broadcast off once you have set it up, your wireless
> devices will still work.
> Note use proper passwords with alpha and numeric characters in them.
> 4 Change your Wireless to WPA or WPA2 and put in a similalry strong
> passphrase.
> 5 Now enter your username and password to reestablish connection to
> broadband from your ISP.
>
> Finish off by removing any P2P programs from your PC and doing a full Virus
> and Spyware scan.
> Recommended apps for this include
> Your favourite Anti Virus programs, or AVG, Avast if you don't have one.
> (don't see any that I recognise in that list)
> Ad Aware, Spybot Search & Destroy, Malware Bytes, Super Anti Spyware etc.
>
>
> Best
> Paul.
>

 
Reply With Quote
 
Boppy
Guest
Posts: n/a
 
      07-26-2009
Thanks for replying, guys.

My laptop crashed last week after installing SP1 and Vista was
reinstalled on a whole new hard drive. It was not reconnected to the
wireless network until the password was set (I was alerted to the lack
of password when I was let straight in and fixed it immediately). So
if anyone was hacking into my laptop previously, presumably they no
longer can - wireless is installed up on my desktop and the leeching
seemed to be happening even when the desktop was turned off but the
laptop was.

I've stopped the p2psvc in services.

I have Eset NOD antivirus that was installed by the tech who put in
the new hard drive and reinstalled Vista.

Jo
 
Reply With Quote
 
PeeCee
Guest
Posts: n/a
 
      07-26-2009
"Boppy" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Thanks for replying, guys.
>
> My laptop crashed last week after installing SP1 and Vista was
> reinstalled on a whole new hard drive. It was not reconnected to the
> wireless network until the password was set (I was alerted to the lack
> of password when I was let straight in and fixed it immediately). So
> if anyone was hacking into my laptop previously, presumably they no
> longer can - wireless is installed up on my desktop and the leeching
> seemed to be happening even when the desktop was turned off but the
> laptop was.
>
> I've stopped the p2psvc in services.
>
> I have Eset NOD antivirus that was installed by the tech who put in
> the new hard drive and reinstalled Vista.
>
> Jo




Jo

You don't make it clear if you reset your Wireless / Router/ Modem or not.
If you only entered a password and carried on then I would implore you to
reset the modem.
Or if you are frightened of losing your connection settings, at least leave
the thing off for 12- 24 hours.
This will force the pirate accessing your Wireless to relogon, only now he
won't have the password.

I based my comments on a case I had a few months ago.
I can assure you just setting the password on the Wireless Access point was
'not' enough to stop the leeching.
In the 3 days following the Wireless password being set another 6GB of data
was uploaded.

The PC and Laptop were clean and either off or packet logging showed they
were not the source of the data.
(one PC had to be left on unfortunately)
In the end we went the reset route and the ISP's tech told us the uploading
stopped instantly after we reset the Wireless / Router / modem and changed
all the passwords.

Best
Paul.

 
Reply With Quote
 
Carnations
Guest
Posts: n/a
 
      08-03-2009
On Sun, 26 Jul 2009 23:19:25 +1200, PeeCee wrote:

> In the end we went the reset route and the ISP's tech told us the
> uploading stopped instantly after we reset the Wireless / Router / modem
> and changed all the passwords.


Interesting that the router was the compromised device.


--
"Filtering the Internet is like trying to boil the ocean"
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Trade Me pimping Xtra Broadband Invisible NZ Computing 5 04-23-2006 04:24 AM
xtra broadband usage meter Andrew NZ Computing 4 12-17-2005 10:33 PM
Xtra Broadband Offer Paul Carter NZ Computing 64 12-18-2004 03:52 AM
Correct port for emule / edonkey on Xtra broadband? Alan Parker NZ Computing 2 12-12-2004 10:35 PM
Xtra Broadband site JedMeister NZ Computing 1 11-04-2003 01:37 AM



Advertisments